Nuprl - mb automata 4 Citations of all

Def

x:A. B(x) == x:A

B(x)

is mentioned by

Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) guarded_trace(A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) closed_pred(I) single_valued_decls(A.ds) let M = [[A]] rho de e in (s:M.state, tr:([[A.da]] rho) List. (M -tr- > s) [[VCs(A;I)]] rho A.ds A.da de e s mk_trace_env(tr, te)) (M |= always s,tr.[[I]] rho A.ds < > de e s mk_trace_env(tr, te)) [vc_trace_correctness]

Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) (vVCs(A;I).trace_consistent_vc(rho;A.da;te;v)) [trace_consistent_ioa_inv_vc]

Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) guarded_trace(A.da;te;I) closed_pred(I) single_valued_decls(A.ds) (s0,x:[[A]] rho de e.state, act:[[A]] rho de e.action, x':[[A]] rho de e.state, tr:([[A.da]] rho) List. [[A]] rho de e.init(s0) trace_reachable([[A]] rho de e;s0;mk_trace_env(tr, te).trace;x) [[I]] rho A.ds < > de e x mk_trace_env(tr, te) [[A]] rho de e.trans(x,act,x') ((t:dec(). t A.da & t.lbl = kind(act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act)) [vc_trace_correct_action_decl_lemma]

Thm* A:ioa{i:l}(), I:Fmla, de:sig(). tc_ioa(A;de) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) closed_pred(I) single_valued_decls(A.ds) tc_vcs{i}(VCs(A;I);A.ds;A.da;de) [tc_ioa_inv_vc]

Thm* A:ioa{i:l}(), r:rel(), rho:Decl, de:sig(), e:{[[de]] rho}, a:([[A.da]] rho), tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;tr.proj;r) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc(r;A.ds; < > ;de) closed_rel(r) covers_rel(A;r) [[A]] rho de e.trans(s,a,x') ([[r]] rho A.ds < > de e x' tr [[wp_rel(A;kind(a);r)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr)) [wp_rel_correctness]

Thm* vs:VCs{i}, ds,da:Collection{i}(dec()), de:sig(), rho:Decl{i}, e:{sig_mng{i:l}(de; rho)}, s:{[[ds]] rho}, tr:trace_env([[da]] rho). tc_vcs{i}(vs;ds;da;de) (vvs.trace_consistent_vc(rho;da;tr.proj;v)) [[vs]] rho ds da de e s tr Prop{i'} [vcs_mng_wf]

Thm* A:ioa{i:l}(), I:Fmla. ioa_trans_all{i}(A;I) VCs [ioa_trans_all_wf]

Thm* A:ioa{i:l}(), de:sig(). tc_ioa(A;de) ioa_mentions_trace(A) (Q:Fmla, rho:Decl, e:{[[de]] rho}, a:[[A]] rho de e.action, tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;tr.proj;Q) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc_pred(Q;A.ds; < > ;de) closed_pred(Q) covers_pred(A;Q) [[A]] rho de e.trans(s,a,x') ([[Q]] rho A.ds < > de e x' tr [[wp(A;kind(a);Q)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr))) [wp_correctness]

Thm* vs:VCs{i}, ds,da:Collection{i}(dec()), de:sig(). tc_vcs{i}(vs;ds;da;de) Prop{i'} [tc_vcs_wf]

Thm* A:ioa{i:l}(), de:sig(). tc_ioa(A;de) ioa_mentions_trace(A) (Q:Fmla, rho:Decl, e:{[[de]] rho}, a:[[A]] rho de e.action, tr:trace_env([[A.da]] rho). trace_consistent_pred(rho;A.da;tr.proj;Q) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc_pred(Q;A.ds; < > ;de) closed_pred(Q) covers_pred(A;Q) [[A]] rho de e.trans(s,a,x') (pred_mng_2(Q; rho; A.ds; < > ; de; e; s; x'; ; tr) [[wp2(A;kind(a);Q)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr))) [wp2_correctness]

Thm* v:vc{i:l}(), ds,da:Collection(dec()), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds]] rho}, tr:trace_env([[da]] rho). tc_vc(v;ds;da;de) trace_consistent_vc(rho;da;tr.proj;v) vc_mng(v;rho;ds;da;de;e;s;tr) Prop [vc_mng_wf]

Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp(A;k;Q)) [trace_consistent_wp]

Thm* A:ioa{i:l}(), r:rel(), rho:Decl, de:sig(), e:{[[de]] rho}, a:([[A.da]] rho), tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;tr.proj;r) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc(r;A.ds; < > ;de) closed_rel(r) covers_rel(A;r) [[A]] rho de e.trans(s,a,x') (rel_mng_2(r; rho; A.ds; < > ; de; e; s; x'; ; tr) [[wp2_rel(A;kind(a);r)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr)) [wp2_rel_correctness]

Thm* A:ioa{i:l}(), Q:Fmla, de:sig(), a:Label. tc_ioa(A;de) single_valued_decls(A.ds) tc_pred(Q;A.ds;dec_lookup(A.da;a);de) tc_pred(wp(A;a;Q);A.ds;dec_lookup(A.da;a);de) [tc_wp]

Thm* A:ioa{i:l}(), a:Label, P:Fmla. wp2(A;a;(P)') = wp(A;a;P) [wp2_addprime]

Thm* A:ioa{i:l}(), r:rel(), rho:Decl, de:sig(), e:{[[de]] rho}, a:([[A.da]] rho), tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;tr.proj;r) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc(r;A.ds;dec_lookup(A.da;kind(a));de) covers_rel(A;r) [[A]] rho de e.trans(s,a,x') (rel_mng_2(r; rho; A.ds; dec_lookup(A.da;kind(a)); de; e; s; x'; value(a); tr) [[wp2_rel(A;kind(a);r)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr)) [wp2_rel_correct]

Thm* A:ioa{i:l}(), Q:Fmla, de:sig(), a:Label. tc_ioa(A;de) tc_pred(Q;A.ds;dec_lookup(A.da;a);de) single_valued_decls(A.ds) tc_pred(wp2(A;a;Q);A.ds;dec_lookup(A.da;a);de) [tc_wp2]

Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) (pred_mng_2(pred_unprime(p); rho; ds; da; de; e; s; s'; a; tr) [[p]] rho ds da de e s a tr) [pred_mng2_unprime]

Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) (pred_mng_2((p)'; rho; ds; da; de; e; s; s'; a; tr) [[p]] rho ds da de e s' a tr) [pred_mng2_addprime]

Thm* A:ioa{i:l}(), de:sig(), rho:Decl, e:{[[de]] rho}. tc_ioa(A;de) ioa_mentions_trace(A) [[A]] rho de e sm{i:l}() [ioa_mng_wf]

Thm* A:ioa{i:l}(), rho:Decl, de:sig(), act:([[A.da]] rho), r,r0:rel(). tc_ioa(A;de) r smts_eff_rel(action_effect(kind(act);A.eff;A.frame);r0) rel_eq(rel_unprime(r);rel_unprime(r0)) (t:dec(). t A.da & t.lbl = kind(act)) [rel_effect_lemma]

Thm* as:(LabelTerm) List, A:ioa{i:l}(), de:sig(), x:Label, t:SimpleType, k:Label. single_valued_decls(A.ds) tc_ioa(A;de) (i:. i < ||as|| 2of(as[i]) smts_eff(action_effect(k;A.eff;A.frame);1of(as[i]))) mk_dec(x, t) A.ds t term_types(A.ds;dec_lookup(A.da;k);de;apply_alist(as;x;x)) [tc_ioa_lemma]

Thm* v:vc{i:l}(), ds,da:Collection(dec()), de:sig(). tc_vc(v;ds;da;de) Prop [tc_vc_wf]

Thm* p:Fmla, rho:Decl, ds,daa:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), s:{[[ds]] rho}, e:{[[de]] rho}, a1,a2:Top, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da1;de) closed_pred(p) ([[p]] rho ds da1 de e s a1 tr [[p]] rho ds da2 de e s a2 tr) [closed_pred_mng]

Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp2(A;k;Q)) [trace_consistent_wp2]

Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) closed_pred(p) pred_mng_2(p; rho; ds; da; de; e; s; s'; ; tr) Prop [pred_mng_2_wf_closed]

Thm* da:Collection(dec()), P:Fmla, rho:Decl, te:(LabelLabel). trace_consistent_pred(rho;da;te;P) trace_consistent_pred(rho;da;te;(P)') [trace_consistent_pred_addprime]

Thm* da:Collection(dec()), P:Fmla, rho:Decl, te:(LabelLabel). trace_consistent_pred(rho;da;te;P) trace_consistent_pred(rho;da;te;pred_unprime(P)) [trace_consistent_pred_unprime]

Thm* p1,p2:Fmla, ds1,ds2,daa:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds1]] rho}, a:[[da1]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p1) tc_pred(p1;ds1;da1;de) p1 = p2 ds1 = ds2 da1 = da2 ([[p1]] rho ds1 da1 de e s a tr [[p2]] rho ds2 da2 de e s a tr) [pred_mng_functionality]

Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) [[p]] rho ds da de e s a tr Prop [pred_mng_wf]

Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) pred_mng_2(p; rho; ds; da; de; e; s; s'; a; tr) Prop [pred_mng_2_wf]

Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel), a:dec(). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) a A.da trace_consistent_pred(rho;A.da;te;smts_eff_pred(action_effect(a.lbl;A.eff;A.frame);I)) [trace_consistent_action_effect]

Thm* A:ioa{i:l}(), rho:Decl, r:rel(), R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;R;r) trace_consistent_pred(rho;A.da;R;wp2_rel(A;k;r)) [trace_consistent_wp2_rel]

Thm* A:ioa{i:l}(), rho:Decl, r:rel(), R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;R;r) trace_consistent_pred(rho;A.da;R;wp_rel(A;k;r)) [trace_consistent_wp_rel]

Thm* A:ioa{i:l}(), rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;A.init) [trace_consistent_init]

Thm* A:ioa{i:l}(), rho:Decl, te:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;action_pre(k;A.pre)) [trace_consistent_action_pre]

Thm* p,q:Fmla, rho:Decl, da:Collection(dec()), R:(LabelLabel). trace_consistent_pred(rho;da;R;p q) trace_consistent_pred(rho;da;R;p) & trace_consistent_pred(rho;da;R;q) [trace_consistent_pred_and]

Thm* p:Fmla, rho:Decl, da:Collection(dec()), R:(LabelLabel). trace_consistent_pred(rho;da;R;p) Prop [trace_consistent_pred_wf]

Thm* r:rel(), as:(LabelTerm) List, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, k:Label, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_rel(rho;daa;tr.proj;r) tc(r;ds;da;de) subst_mentions_trace(as) (x:Label. (x rel_primed_vars(r)) (t:SimpleType. mk_dec(x, t) ds t term_types(ds;da;de;apply_alist(as;x;x)) & s'.x = [[apply_alist(as;x;x)]] 1of(e) s a tr [[t]] rho)) tc(rel_subst2(as;r);ds;da;de) & trace_consistent_rel(rho;daa;tr.proj;rel_subst2(as;r)) & ([[rel_subst2(as;r)]] rho ds da de e s a tr rel_mng_2(r; rho; ds; da; de; e; s; s'; a; tr)) [rel_subst_mng_2_iff]

Thm* r:rel(), ds1,ds2,da:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds1]] rho}, a:[[da1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds1;da1;de) ds1 = ds2 da1 = da2 ([[r]] rho ds1 da1 de e s a tr [[r]] rho ds2 da2 de e s a tr) [rel_mng_functionality]

Thm* p:Fmla, ss:Collection(smt()). smts_eff_pred(ss;p) Fmla [smts_eff_pred_wf]

Thm* A:(Iioa{i:l}()), rho:Decl, de:sig(), e:{[[de]] rho}, s:([[ioa_all(I; i.A(i)).da]] rho), i:I. s [[A(i)]] rho de e.action [ioa_all_mng_action]

Thm* A:(Iioa{i:l}()), rho:Decl, de:sig(), e:{[[de]] rho}, s:{[[ioa_all(I; i.A(i)).ds]] rho}, i:I. s [[A(i)]] rho de e.state [ioa_all_mng_state]

Thm* p1,p2:Fmla, ds1,ds2:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(). p2 p1 ds1 ds2 da1 da2 tc_pred(p1;ds1;da1;de) tc_pred(p2;ds2;da2;de) [tc_pred_monotone]

Thm* p:Collection(rel()), ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(p;ds;da;de) (rp.tc(r;ds;da;de)) [tc_pred_col_all]

Thm* r:rel(), rho:Decl, ds,daa:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), s:{[[ds]] rho}, e:{[[de]] rho}, a1,a2:Top, tr:trace_env([[daa]] rho). trace_consistent_rel(rho;daa;tr.proj;r) tc(r;ds;da1;de) closed_rel(r) ([[r]] rho ds da1 de e s a1 tr [[r]] rho ds da2 de e s a2 tr) [closed_rel_mng_2]

Thm* rho:Decl, ds,daa:Collection(dec()), da1:Collection(SimpleType), de:sig(), s:{[[ds]] rho}, e:{[[de]] rho}, tr:trace_env([[daa]] rho), r:rel(). closed_rel(r) tc(r;ds;da1;de) trace_consistent_rel(rho;daa;tr.proj;r) [[r]] rho ds da1 de e s tr Prop [rel_mng_wf_closed]

Thm* r1,r2:rel(), ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s1,s2:{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_rel(rho;daa;tr.proj;r1) trace_consistent_rel(rho;daa;tr.proj;r2) tc(r1;ds;da;de) tc(r2;ds;da;de) r1.name = r2.name ||r1.args|| = ||r2.args|| (i:. i < ||r1.args|| [[r1.args[i]]] 1of(e) s1 a tr = [[r2.args[i]]] 1of(e) s1 s2 a tr [[rel_arg_typ(r1.name;i;de)]] rho) ([[r1]] rho ds da de e s1 a tr rel_mng_2(r2; rho; ds; da; de; e; s1; s2; a; tr)) [rel_mng_2_iff]

Thm* P:Fmla, ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(P;ds;da;de) tc_pred(pred_unprime(P);ds;da;de) [tc_pred_unprime]

Thm* P:Fmla, ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(P;ds;da;de) tc_pred((P)';ds;da;de) [tc_pred_addprime]

Thm* p1,p2:Fmla, ds1,ds2:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(). p1 = p2 ds1 = ds2 da1 = da2 (tc_pred(p1;ds1;da1;de) tc_pred(p2;ds2;da2;de)) [tc_pred_functionality]

Thm* p:Fmla, ds:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(). closed_pred(p) tc_pred(p;ds;da1;de) tc_pred(p;ds;da2;de) [tc_closed_pred]

Thm* r:rel(), ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred( < r > ;ds;da;de) tc(r;ds;da;de) [tc_pred_singleton]

Thm* r:rel(), ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(r;ds;da;de) tc(r;ds;da;de) [tc_pred_pred_rel]

Thm* r:rel(), ds,da:Collection(dec()), de:sig(), rho:Decl, st1:Collection(SimpleType), e:{[[de]] rho}, s:{[[ds]] rho}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) [[r]] rho ds st1 de e s a tr Prop [rel_mng_wf]

Thm* r:rel(), as:(LabelTerm) List, daa:Collection(dec()), rho:Decl, te:(LabelLabel). trace_consistent_rel(rho;daa;te;r) subst_mentions_trace(as) trace_consistent_rel(rho;daa;te;rel_subst2(as;r)) [trace_consistent_rel_subst2]

Thm* r:rel(), ds,da:Collection(dec()), de:sig(), rho:Decl, st1:Collection(SimpleType), e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) rel_mng_2(r; rho; ds; st1; de; e; s; s'; a; tr) Prop [rel_mng_2_wf]

Thm* r:rel(), i:, ds,da:Collection(dec()), st1:Collection(SimpleType), de:sig(), rho:Decl, s:{[[ds]] rho}, e:{1of([[de]] rho)}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) i < ||r.args|| [[r.args[i]]] e s a tr [[rel_arg_typ(r.name;i;de)]] rho [rel_arg_typing]

Thm* r:rel(), as:(LabelTerm) List, daa:Collection(dec()), rho:Decl, te:(LabelLabel). trace_consistent_rel(rho;daa;te;r) subst_mentions_trace(as) trace_consistent_rel(rho;daa;te;rel_subst(as;r)) [trace_consistent_rel_subst]

Thm* r:rel(), i:, ds,da:Collection(dec()), st1:Collection(SimpleType), de:sig(), rho:Decl, s,s':{[[ds]] rho}, e:{1of([[de]] rho)}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) i < ||r.args|| [[r.args[i]]] e s s' a tr [[rel_arg_typ(r.name;i;de)]] rho [rel_arg_typing2]

Def tc_vcs{i}(vs;ds;da;de) == v:vc{i:l}(). v vs tc_vc(v;ds;da;de) [tc_vcs]

Def [[vs]] rho ds da de e s tr == v:vc{i:l}(). v vs vc_mng(v;rho;ds;da;de;e;s;tr) [vcs_mng]

Def tc_ioa(A;de) == tc_pred(A.init;A.ds; < > ;de) & (p:pre(). p A.pre tc(p.rel;A.ds;dec_lookup(A.da;p.kind);de)) & (ef:eff(). ef A.eff mk_dec(ef.kind, ef.typ) A.da & tc_eff(ef;A.ds;de)) & (f:frame(). f A.frame mk_dec(f.var, f.typ) A.ds) [tc_ioa]

Def vc_mng(v;rho;ds;da;de;e;s;tr) == Case(v) Case vc_imp(hc) = > [[hc.hyp]] rho ds < > de e s mk_trace_env(nil, tr.proj) [[hc.concl]] rho ds < > de e s mk_trace_env(nil, tr.proj) Case vc_qimp(qhc) = > v:[[dec_lookup(da;qhc.lbl)]] rho. [[qhc.hyp]] rho ds dec_lookup(da;qhc.lbl) de e s v tr [[qhc.concl]] rho ds dec_lookup(da;qhc.lbl) de e s v tappend(tr; < qhc.lbl,v > ) Default = > False [vc_mng]

Def [[A]] rho de e == mk_sm([[A.da]] rho, [[A.ds]] rho, s.[[A.init]] rho A.ds < > de e s niltrace(), s1,a,s2. (p:pre(). p A.pre p.kind = kind(a) [[p.rel]] rho A.ds dec_lookup(A.da;kind(a)) de e s1 value(a) niltrace()) & (ef:eff(). ef A.eff ef.kind = kind(a) s2.ef.smt.lbl = [[ef.smt.term]] 1of(e) s1 value(a) niltrace() [[ef.smt.typ]] rho) & (fr:frame(). fr A.frame (kind(a) fr.acts) s2.fr.var = s1.fr.var [[fr.typ]] rho)) [ioa_mng]

Def tc_pred(P;ds;da;de) == r:rel(). r P tc(r;ds;da;de) [tc_pred]

In prior sections: core well fnd int 1 bool 1 sqequal 1 fun 1 int 2 list 1 prog 1 rel 1 mb basic mb nat union num thy 1 mb list 1 mb label mb declaration mb record mb events mb collection mb tree mb list 2 mb automata 1 mb automata 2 mb state machine mb automata 3

Try larger context: GenAutomata

mb automata 4 Sections GenAutomata Doc

`Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) guarded_trace(A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) closed_pred(I) single_valued_decls(A.ds) let M = [[A]] rho de e in (s:M.state, tr:([[A.da]] rho) List. (M -tr- > s) [[VCs(A;I)]] rho A.ds A.da de e s mk_trace_env(tr, te)) (M \|= always s,tr.[[I]] rho A.ds < > de e s mk_trace_env(tr, te))`	[vc_trace_correctness]
`Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) (vVCs(A;I).trace_consistent_vc(rho;A.da;te;v))`	[trace_consistent_ioa_inv_vc]
Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, de:sig(), e:{[[de]] rho}, te:(LabelLabel). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) guarded_trace(A.da;te;I) closed_pred(I) single_valued_decls(A.ds) (s0,x:[[A]] rho de e.state, act:[[A]] rho de e.action, x':[[A]] rho de e.state, tr:([[A.da]] rho) List. [[A]] rho de e.init(s0) trace_reachable([[A]] rho de e;s0;mk_trace_env(tr, te).trace;x) [[I]] rho A.ds < > de e x mk_trace_env(tr, te) [[A]] rho de e.trans(x,act,x') ((t:dec(). t A.da & t.lbl = kind(act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act)) [[I]] rho A.ds < > de e x' tappend(mk_trace_env(tr, te);act))	[vc_trace_correct_action_decl_lemma]
`Thm* A:ioa{i:l}(), I:Fmla, de:sig(). tc_ioa(A;de) tc_pred(I;A.ds; < > ;de) covers_pred(A;I) closed_pred(I) single_valued_decls(A.ds) tc_vcs{i}(VCs(A;I);A.ds;A.da;de)`	[tc_ioa_inv_vc]
`Thm* A:ioa{i:l}(), r:rel(), rho:Decl, de:sig(), e:{[[de]] rho}, a:([[A.da]] rho), tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;tr.proj;r) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc(r;A.ds; < > ;de) closed_rel(r) covers_rel(A;r) [[A]] rho de e.trans(s,a,x') ([[r]] rho A.ds < > de e x' tr [[wp_rel(A;kind(a);r)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr))`	[wp_rel_correctness]
`Thm* vs:VCs{i}, ds,da:Collection{i}(dec()), de:sig(), rho:Decl{i}, e:{sig_mng{i:l}(de; rho)}, s:{[[ds]] rho}, tr:trace_env([[da]] rho). tc_vcs{i}(vs;ds;da;de) (vvs.trace_consistent_vc(rho;da;tr.proj;v)) [[vs]] rho ds da de e s tr Prop{i'}`	[vcs_mng_wf]
`Thm* A:ioa{i:l}(), I:Fmla. ioa_trans_all{i}(A;I) VCs`	[ioa_trans_all_wf]
`Thm* A:ioa{i:l}(), de:sig(). tc_ioa(A;de) ioa_mentions_trace(A) (Q:Fmla, rho:Decl, e:{[[de]] rho}, a:[[A]] rho de e.action, tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;tr.proj;Q) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc_pred(Q;A.ds; < > ;de) closed_pred(Q) covers_pred(A;Q) [[A]] rho de e.trans(s,a,x') ([[Q]] rho A.ds < > de e x' tr [[wp(A;kind(a);Q)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr)))`	[wp_correctness]
`Thm* vs:VCs{i}, ds,da:Collection{i}(dec()), de:sig(). tc_vcs{i}(vs;ds;da;de) Prop{i'}`	[tc_vcs_wf]
`Thm* A:ioa{i:l}(), de:sig(). tc_ioa(A;de) ioa_mentions_trace(A) (Q:Fmla, rho:Decl, e:{[[de]] rho}, a:[[A]] rho de e.action, tr:trace_env([[A.da]] rho). trace_consistent_pred(rho;A.da;tr.proj;Q) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc_pred(Q;A.ds; < > ;de) closed_pred(Q) covers_pred(A;Q) [[A]] rho de e.trans(s,a,x') (pred_mng_2(Q; rho; A.ds; < > ; de; e; s; x'; ; tr) [[wp2(A;kind(a);Q)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr)))`	[wp2_correctness]
`Thm* v:vc{i:l}(), ds,da:Collection(dec()), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds]] rho}, tr:trace_env([[da]] rho). tc_vc(v;ds;da;de) trace_consistent_vc(rho;da;tr.proj;v) vc_mng(v;rho;ds;da;de;e;s;tr) Prop`	[vc_mng_wf]
`Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp(A;k;Q))`	[trace_consistent_wp]
`Thm* A:ioa{i:l}(), r:rel(), rho:Decl, de:sig(), e:{[[de]] rho}, a:([[A.da]] rho), tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;tr.proj;r) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc(r;A.ds; < > ;de) closed_rel(r) covers_rel(A;r) [[A]] rho de e.trans(s,a,x') (rel_mng_2(r; rho; A.ds; < > ; de; e; s; x'; ; tr) [[wp2_rel(A;kind(a);r)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr))`	[wp2_rel_correctness]
`Thm* A:ioa{i:l}(), Q:Fmla, de:sig(), a:Label. tc_ioa(A;de) single_valued_decls(A.ds) tc_pred(Q;A.ds;dec_lookup(A.da;a);de) tc_pred(wp(A;a;Q);A.ds;dec_lookup(A.da;a);de)`	[tc_wp]
`Thm* A:ioa{i:l}(), a:Label, P:Fmla. wp2(A;a;(P)') = wp(A;a;P)`	[wp2_addprime]
`Thm* A:ioa{i:l}(), r:rel(), rho:Decl, de:sig(), e:{[[de]] rho}, a:([[A.da]] rho), tr:trace_env([[A.da]] rho). tc_ioa(A;de) ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;tr.proj;r) single_valued_decls(A.ds) (s,x':[[A]] rho de e.state. tc(r;A.ds;dec_lookup(A.da;kind(a));de) covers_rel(A;r) [[A]] rho de e.trans(s,a,x') (rel_mng_2(r; rho; A.ds; dec_lookup(A.da;kind(a)); de; e; s; x'; value(a); tr) [[wp2_rel(A;kind(a);r)]] rho A.ds dec_lookup(A.da;kind(a)) de e s value(a) tr))`	[wp2_rel_correct]
`Thm* A:ioa{i:l}(), Q:Fmla, de:sig(), a:Label. tc_ioa(A;de) tc_pred(Q;A.ds;dec_lookup(A.da;a);de) single_valued_decls(A.ds) tc_pred(wp2(A;a;Q);A.ds;dec_lookup(A.da;a);de)`	[tc_wp2]
`Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) (pred_mng_2(pred_unprime(p); rho; ds; da; de; e; s; s'; a; tr) [[p]] rho ds da de e s a tr)`	[pred_mng2_unprime]
`Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) (pred_mng_2((p)'; rho; ds; da; de; e; s; s'; a; tr) [[p]] rho ds da de e s' a tr)`	[pred_mng2_addprime]
`Thm* A:ioa{i:l}(), de:sig(), rho:Decl, e:{[[de]] rho}. tc_ioa(A;de) ioa_mentions_trace(A) [[A]] rho de e sm{i:l}()`	[ioa_mng_wf]
`Thm* A:ioa{i:l}(), rho:Decl, de:sig(), act:([[A.da]] rho), r,r0:rel(). tc_ioa(A;de) r smts_eff_rel(action_effect(kind(act);A.eff;A.frame);r0) rel_eq(rel_unprime(r);rel_unprime(r0)) (t:dec(). t A.da & t.lbl = kind(act))`	[rel_effect_lemma]
`Thm* as:(LabelTerm) List, A:ioa{i:l}(), de:sig(), x:Label, t:SimpleType, k:Label. single_valued_decls(A.ds) tc_ioa(A;de) (i:. i < \|\|as\|\| 2of(as[i]) smts_eff(action_effect(k;A.eff;A.frame);1of(as[i]))) mk_dec(x, t) A.ds t term_types(A.ds;dec_lookup(A.da;k);de;apply_alist(as;x;x))`	[tc_ioa_lemma]
`Thm* v:vc{i:l}(), ds,da:Collection(dec()), de:sig(). tc_vc(v;ds;da;de) Prop`	[tc_vc_wf]
`Thm* p:Fmla, rho:Decl, ds,daa:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), s:{[[ds]] rho}, e:{[[de]] rho}, a1,a2:Top, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da1;de) closed_pred(p) ([[p]] rho ds da1 de e s a1 tr [[p]] rho ds da2 de e s a2 tr)`	[closed_pred_mng]
`Thm* A:ioa{i:l}(), Q:Fmla, rho:Decl, R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;R;Q) trace_consistent_pred(rho;A.da;R;wp2(A;k;Q))`	[trace_consistent_wp2]
`Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) closed_pred(p) pred_mng_2(p; rho; ds; da; de; e; s; s'; ; tr) Prop`	[pred_mng_2_wf_closed]
`Thm* da:Collection(dec()), P:Fmla, rho:Decl, te:(LabelLabel). trace_consistent_pred(rho;da;te;P) trace_consistent_pred(rho;da;te;(P)')`	[trace_consistent_pred_addprime]
`Thm* da:Collection(dec()), P:Fmla, rho:Decl, te:(LabelLabel). trace_consistent_pred(rho;da;te;P) trace_consistent_pred(rho;da;te;pred_unprime(P))`	[trace_consistent_pred_unprime]
`Thm* p1,p2:Fmla, ds1,ds2,daa:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds1]] rho}, a:[[da1]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p1) tc_pred(p1;ds1;da1;de) p1 = p2 ds1 = ds2 da1 = da2 ([[p1]] rho ds1 da1 de e s a tr [[p2]] rho ds2 da2 de e s a tr)`	[pred_mng_functionality]
`Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) [[p]] rho ds da de e s a tr Prop`	[pred_mng_wf]
`Thm* p:Fmla, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_pred(rho;daa;tr.proj;p) tc_pred(p;ds;da;de) pred_mng_2(p; rho; ds; da; de; e; s; s'; a; tr) Prop`	[pred_mng_2_wf]
`Thm* A:ioa{i:l}(), I:Fmla, rho:Decl, te:(LabelLabel), a:dec(). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;I) a A.da trace_consistent_pred(rho;A.da;te;smts_eff_pred(action_effect(a.lbl;A.eff;A.frame);I))`	[trace_consistent_action_effect]
`Thm* A:ioa{i:l}(), rho:Decl, r:rel(), R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;R;r) trace_consistent_pred(rho;A.da;R;wp2_rel(A;k;r))`	[trace_consistent_wp2_rel]
`Thm* A:ioa{i:l}(), rho:Decl, r:rel(), R:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_rel(rho;A.da;R;r) trace_consistent_pred(rho;A.da;R;wp_rel(A;k;r))`	[trace_consistent_wp_rel]
`Thm* A:ioa{i:l}(), rho:Decl, te:(LabelLabel). ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;A.init)`	[trace_consistent_init]
`Thm* A:ioa{i:l}(), rho:Decl, te:(LabelLabel), k:Label. ioa_mentions_trace(A) trace_consistent_pred(rho;A.da;te;action_pre(k;A.pre))`	[trace_consistent_action_pre]
`Thm* p,q:Fmla, rho:Decl, da:Collection(dec()), R:(LabelLabel). trace_consistent_pred(rho;da;R;p q) trace_consistent_pred(rho;da;R;p) & trace_consistent_pred(rho;da;R;q)`	[trace_consistent_pred_and]
`Thm* p:Fmla, rho:Decl, da:Collection(dec()), R:(LabelLabel). trace_consistent_pred(rho;da;R;p) Prop`	[trace_consistent_pred_wf]
Thm* r:rel(), as:(LabelTerm) List, ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s,s':{[[ds]] rho}, k:Label, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_rel(rho;daa;tr.proj;r) tc(r;ds;da;de) subst_mentions_trace(as) (x:Label. (x rel_primed_vars(r)) (t:SimpleType. mk_dec(x, t) ds t term_types(ds;da;de;apply_alist(as;x;x)) & s'.x = [[apply_alist(as;x;x)]] 1of(e) s a tr [[t]] rho)) tc(rel_subst2(as;r);ds;da;de) & trace_consistent_rel(rho;daa;tr.proj;rel_subst2(as;r)) & ([[rel_subst2(as;r)]] rho ds da de e s a tr rel_mng_2(r; rho; ds; da; de; e; s; s'; a; tr))	[rel_subst_mng_2_iff]
`Thm* r:rel(), ds1,ds2,da:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s:{[[ds1]] rho}, a:[[da1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds1;da1;de) ds1 = ds2 da1 = da2 ([[r]] rho ds1 da1 de e s a tr [[r]] rho ds2 da2 de e s a tr)`	[rel_mng_functionality]
`Thm* p:Fmla, ss:Collection(smt()). smts_eff_pred(ss;p) Fmla`	[smts_eff_pred_wf]
`Thm* A:(Iioa{i:l}()), rho:Decl, de:sig(), e:{[[de]] rho}, s:([[ioa_all(I; i.A(i)).da]] rho), i:I. s [[A(i)]] rho de e.action`	[ioa_all_mng_action]
`Thm* A:(Iioa{i:l}()), rho:Decl, de:sig(), e:{[[de]] rho}, s:{[[ioa_all(I; i.A(i)).ds]] rho}, i:I. s [[A(i)]] rho de e.state`	[ioa_all_mng_state]
`Thm* p1,p2:Fmla, ds1,ds2:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(). p2 p1 ds1 ds2 da1 da2 tc_pred(p1;ds1;da1;de) tc_pred(p2;ds2;da2;de)`	[tc_pred_monotone]
`Thm* p:Collection(rel()), ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(p;ds;da;de) (rp.tc(r;ds;da;de))`	[tc_pred_col_all]
`Thm* r:rel(), rho:Decl, ds,daa:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(), s:{[[ds]] rho}, e:{[[de]] rho}, a1,a2:Top, tr:trace_env([[daa]] rho). trace_consistent_rel(rho;daa;tr.proj;r) tc(r;ds;da1;de) closed_rel(r) ([[r]] rho ds da1 de e s a1 tr [[r]] rho ds da2 de e s a2 tr)`	[closed_rel_mng_2]
`Thm* rho:Decl, ds,daa:Collection(dec()), da1:Collection(SimpleType), de:sig(), s:{[[ds]] rho}, e:{[[de]] rho}, tr:trace_env([[daa]] rho), r:rel(). closed_rel(r) tc(r;ds;da1;de) trace_consistent_rel(rho;daa;tr.proj;r) [[r]] rho ds da1 de e s tr Prop`	[rel_mng_wf_closed]
Thm* r1,r2:rel(), ds,daa:Collection(dec()), da:Collection(SimpleType), de:sig(), rho:Decl, e:{[[de]] rho}, s1,s2:{[[ds]] rho}, a:[[da]] rho, tr:trace_env([[daa]] rho). trace_consistent_rel(rho;daa;tr.proj;r1) trace_consistent_rel(rho;daa;tr.proj;r2) tc(r1;ds;da;de) tc(r2;ds;da;de) r1.name = r2.name \|\|r1.args\|\| = \|\|r2.args\|\| (i:. i < \|\|r1.args\|\| [[r1.args[i]]] 1of(e) s1 a tr = [[r2.args[i]]] 1of(e) s1 s2 a tr [[rel_arg_typ(r1.name;i;de)]] rho) ([[r1]] rho ds da de e s1 a tr rel_mng_2(r2; rho; ds; da; de; e; s1; s2; a; tr))	[rel_mng_2_iff]
`Thm* P:Fmla, ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(P;ds;da;de) tc_pred(pred_unprime(P);ds;da;de)`	[tc_pred_unprime]
`Thm* P:Fmla, ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(P;ds;da;de) tc_pred((P)';ds;da;de)`	[tc_pred_addprime]
`Thm* p1,p2:Fmla, ds1,ds2:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(). p1 = p2 ds1 = ds2 da1 = da2 (tc_pred(p1;ds1;da1;de) tc_pred(p2;ds2;da2;de))`	[tc_pred_functionality]
`Thm* p:Fmla, ds:Collection(dec()), da1,da2:Collection(SimpleType), de:sig(). closed_pred(p) tc_pred(p;ds;da1;de) tc_pred(p;ds;da2;de)`	[tc_closed_pred]
`Thm* r:rel(), ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred( < r > ;ds;da;de) tc(r;ds;da;de)`	[tc_pred_singleton]
`Thm* r:rel(), ds:Collection(dec()), da:Collection(SimpleType), de:sig(). tc_pred(r;ds;da;de) tc(r;ds;da;de)`	[tc_pred_pred_rel]
`Thm* r:rel(), ds,da:Collection(dec()), de:sig(), rho:Decl, st1:Collection(SimpleType), e:{[[de]] rho}, s:{[[ds]] rho}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) [[r]] rho ds st1 de e s a tr Prop`	[rel_mng_wf]
`Thm* r:rel(), as:(LabelTerm) List, daa:Collection(dec()), rho:Decl, te:(LabelLabel). trace_consistent_rel(rho;daa;te;r) subst_mentions_trace(as) trace_consistent_rel(rho;daa;te;rel_subst2(as;r))`	[trace_consistent_rel_subst2]
`Thm* r:rel(), ds,da:Collection(dec()), de:sig(), rho:Decl, st1:Collection(SimpleType), e:{[[de]] rho}, s,s':{[[ds]] rho}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) rel_mng_2(r; rho; ds; st1; de; e; s; s'; a; tr) Prop`	[rel_mng_2_wf]
`Thm* r:rel(), i:, ds,da:Collection(dec()), st1:Collection(SimpleType), de:sig(), rho:Decl, s:{[[ds]] rho}, e:{1of([[de]] rho)}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) i < \|\|r.args\|\| [[r.args[i]]] e s a tr [[rel_arg_typ(r.name;i;de)]] rho`	[rel_arg_typing]
`Thm* r:rel(), as:(LabelTerm) List, daa:Collection(dec()), rho:Decl, te:(LabelLabel). trace_consistent_rel(rho;daa;te;r) subst_mentions_trace(as) trace_consistent_rel(rho;daa;te;rel_subst(as;r))`	[trace_consistent_rel_subst]
`Thm* r:rel(), i:, ds,da:Collection(dec()), st1:Collection(SimpleType), de:sig(), rho:Decl, s,s':{[[ds]] rho}, e:{1of([[de]] rho)}, a:[[st1]] rho, tr:trace_env([[da]] rho). trace_consistent_rel(rho;da;tr.proj;r) tc(r;ds;st1;de) i < \|\|r.args\|\| [[r.args[i]]] e s s' a tr [[rel_arg_typ(r.name;i;de)]] rho`	[rel_arg_typing2]
`Def tc_vcs{i}(vs;ds;da;de) == v:vc{i:l}(). v vs tc_vc(v;ds;da;de)`	[tc_vcs]
`Def [[vs]] rho ds da de e s tr == v:vc{i:l}(). v vs vc_mng(v;rho;ds;da;de;e;s;tr)`	[vcs_mng]
`Def tc_ioa(A;de) == tc_pred(A.init;A.ds; < > ;de) & (p:pre(). p A.pre tc(p.rel;A.ds;dec_lookup(A.da;p.kind);de)) & (ef:eff(). ef A.eff mk_dec(ef.kind, ef.typ) A.da & tc_eff(ef;A.ds;de)) & (f:frame(). f A.frame mk_dec(f.var, f.typ) A.ds)`	[tc_ioa]
`Def vc_mng(v;rho;ds;da;de;e;s;tr) == Case(v) Case vc_imp(hc) = > [[hc.hyp]] rho ds < > de e s mk_trace_env(nil, tr.proj) [[hc.concl]] rho ds < > de e s mk_trace_env(nil, tr.proj) Case vc_qimp(qhc) = > v:[[dec_lookup(da;qhc.lbl)]] rho. [[qhc.hyp]] rho ds dec_lookup(da;qhc.lbl) de e s v tr [[qhc.concl]] rho ds dec_lookup(da;qhc.lbl) de e s v tappend(tr; < qhc.lbl,v > ) Default = > False`	[vc_mng]
`Def [[A]] rho de e == mk_sm([[A.da]] rho, [[A.ds]] rho, s.[[A.init]] rho A.ds < > de e s niltrace(), s1,a,s2. (p:pre(). p A.pre p.kind = kind(a) [[p.rel]] rho A.ds dec_lookup(A.da;kind(a)) de e s1 value(a) niltrace()) & (ef:eff(). ef A.eff ef.kind = kind(a) s2.ef.smt.lbl = [[ef.smt.term]] 1of(e) s1 value(a) niltrace() [[ef.smt.typ]] rho) & (fr:frame(). fr A.frame (kind(a) fr.acts) s2.fr.var = s1.fr.var [[fr.typ]] rho))`	[ioa_mng]
`Def tc_pred(P;ds;da;de) == r:rel(). r P tc(r;ds;da;de)`	[tc_pred]